Last update at :2024-05-19,Edit by888u
Generally speaking, the security of the Linux system is already very high, but it may also encounter some special situations, such as someone else's targeted "saucy" blasting, and they will continue to guess and try to log in. If you ignore it, If so, there are still high hidden dangers. Here we will talk about modifying the default port 22 under CentOS 7 to improve the security factor. The general steps are as follows:
step1 Modify /etc/ssh/sshd_config vi /etc/ssh/sshd_config #Port 22 //Remove the # from this line to prevent the remote login from being impossible if the configuration is not good, and you have to go to the computer room to modify it. Comment it out after the modified port can be used. Port 20000 //Add this line below
step2 Modify firewall configuration Firewall adds the ssh port you want to modify: firewall-cmd –zone=public –add-port=20000/tcp –permanent (permanent is to save the configuration, otherwise this modification will be invalid after the next restart) reload firewall: firewall-cmd –reload Check whether the port is added successfully. If the port is added successfully, yes will be displayed, otherwise no. firewall-cmd –zone=public –query-port=20000/tcp
step3 Modify SELinux Use the following command to view the ssh ports currently allowed by SElinux: semanage port -l | grep ssh
Add port 20000 to SELinux semanage port -a -t ssh_port_t -p tcp 20000
Then confirm whether to add it semanage port -l | grep ssh If successful it will output ssh_port_t tcp 20000, 22
step4 restart ssh systemctl restart sshd.service
step5 Test the ssh connection of the new port Test the ssh connection after modifying the port. If successful, comment out port 22 in step 1 again
Recommended site search: Which Hong Kong server is the fastest, ip proxy free version, registration space, cn domain name price, domain name and host, Taiwan proxy server, US unlimited content host, website server, ip, 1g US virtual host, < /p>
发表评论